使用bouncycastle / spongycastle读取加密的私钥 [英] Read an encrypted private key with bouncycastle/spongycastle

问题描述

我有一个受密码保护的加密RSA私钥，它是使用PyCrypto（2.6.1）创建的，并根据他们的文档提供以下格式： PrivateKeyInfo，PKCS＃8（DER SEQUENCE）， PEM（RFC1423），请参阅
[ https://www.dlitz.net/software/pycrypto/api/current/Crypto.PublicKey.RSA._RSAobj-class.html#exportKey] 。

I have a password protected, encrypted RSA private key, which was created with PyCrypto (2.6.1) and has according to their docs the following format: PrivateKeyInfo, PKCS#8 (DER SEQUENCE), PEM (RFC1423), see [https://www.dlitz.net/software/pycrypto/api/current/Crypto.PublicKey.RSA._RSAobj-class.html#exportKey].

如何使用Bouncycastle / Spongycastle解密此RSA密钥？

How can I decrypt this RSA key with Bouncycastle/Spongycastle?

我搜索了Google很长时间时间并且只得出结果，要么不能用于版本1.50（因为PEMReader已被弃用并被删除），要么是PEMParser的例子似乎无法读取此格式。顺便说一下：我错过了关于Bouncycastle的文件吗？

I've searched Google for quite a long time and only came up with results, that either won't work with version 1.50 (because PEMReader was deprecated and got removed) or with examples of PEMParser who seems to could not read this format. BTW: Is there any documentation on Bouncycastle I missed?

这是我加密的私钥的标题：

This is the header of my encrypted private key:

-----BEGIN PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,68949227DD8A502D
xyz...

如果有人能帮助我，我真的很感激！

I would really be thankful, if anyone could help me out!

推荐答案

总结我在这个主题上发现的这里和那里：

To sum up what I found on this topic here and there :

这是最终的代码，如果你想获得模数例如：

Here is the final code if you want to get the modulus for example :

// For JcaPEMKeyConverter().setProvider("BC")
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

// Using bcpkix-jdk14-1.48
PEMParser pemParser = new PEMParser(new FileReader(file));
Object object = pemParser.readObject();
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
KeyPair kp;
if (object instanceof PEMEncryptedKeyPair)
{
    // Encrypted key - we will use provided password
    PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) object;
    PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(password.toCharArray());
    kp = converter.getKeyPair(ckp.decryptKeyPair(decProv));
}
else
{
    // Unencrypted key - no password needed
    PEMKeyPair ukp = (PEMKeyPair) object;
    kp = converter.getKeyPair(ukp);
}

// RSA
KeyFactory keyFac = KeyFactory.getInstance("RSA");
RSAPrivateCrtKeySpec privateKey = keyFac.getKeySpec(kp.getPrivate(), RSAPrivateCrtKeySpec.class);

return privateKey;

然后你可以打电话给例如：

And then you can call for example :

privateKey.getModulus();

这篇关于使用bouncycastle / spongycastle读取加密的私钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！